Sign in Subscribe
By Curry

Upgrade OS to CentOS 7

Upgrade OS to CentOS 7

[[+Home]] | [[Procedure MOC]] | Tags:: #CentOS7

1. VM Setup

Basic host settings

nano -w /etc/hosts
hostname usdc1prdcoh04.ecvision.com
nano -w /etc/hostname

Add new partitions or extend /opt (LVM)

Steps:

echo "- - -" >  /sys/class/scsi_host/host0/scan
fdisk -l /dev/sdb
pvcreate /dev/sdb1
pvs
vgextend  DataVG1 /dev/sdb1
vgs
lvextend -l +100%FREE /dev/mapper/DataVG1-DataLV1
xfs_growfs  /dev/mapper/DataVG1-DataLV1

Change timezone

Steps:

rm /etc/localtime
ln -s /usr/share/zoneinfo/US/Eastern /etc/localtime

2. Pre-install softwares

yum -y install nano or wget http://mirror.centos.org/centos/7/os/x86_64/Packages/nano-2.3.1-10.el7.x86_64.rpm

Upgrade Sudo (CentOS7)

rpm -Uvh sudo-1.8.23-10.el7_9.1.x86_64.rpm

Install mailx (Optional)

yum -y install mailx

Unison (Optional)

yum -y install unison

3. VM pre-configuration and Data migration

Migrate Users from Old VM to New VM

/etc/passwd

##/etc/group

/etc/shadow

Synchronize data to New VM

rsync -r -a -v -e "ssh -l root" --delete --exclude gfs --exclude glusterfs /opt/ 10.201.24.x:/opt rsync -r -a -v -e "ssh -l root" --delete /home/ 10.201.24.x:/home rsync -r -a -v -e "ssh -l root" --delete /root/ 10.201.24.x:/root rsync -r -a -v -e "ssh -l root" --delete /var/www/html/ 10.201.24.x:/var/www/html rsync -r -a -v -e "ssh -l root" --delete /ITWorkspace/ 10.201.24.x:/ITWorkspace/ rsync -r -a -v -e "ssh -l root" --delete /etc 10.201.24.x:/root/

(Optional) rsync -r -a -v -e "ssh -l root" --delete /tmp/ 10.201.24.x:/tmp rsync -r -a -v -e "ssh -l root" --delete /usr/java/ 10.201.24.x:/usr/java rsync -r -a -v -e "ssh -l root" --delete /usr/java 10.201.24.x:/usr/java/

Overwrite settings from old VM to new VM

rc.local

cp /root/etc/rc.local /etc/rc.local chmod +x /etc/rc.d/rc.local

Cron Jobs

cp /root/etc/crontab /etc/crontab crontab -l

Create Symbolic link

mkdir /opt/glusterfs ln -s /opt/glusterfs /opt/gfs

Migrate Settings /etc/fstab

Check GFS and NFS

Compare and Change php-fpm parameters (Optional)

less /etc/php-fpm.d/www.conf e.g. pm.max_children = 38

service php-fpm restart service php-fpm status

Compare and Change php.ini parameters (Optional)

less /etc/php.ini

Check and change Java version

  1. java -version
  2. Change Java default version alternatives --install /usr/bin/java java /usr/java/jdk1.6.0_211/bin/java 400 alternatives --install /usr/bin/javac javac /usr/java/jdk1.6.0_211/bin/javac 400
  3. run below and choose java 1.6 alternatives --config java

Check and records any manual scripts

e.g. nohup /ITWorkspace/scripts/sync_csjob.sh &

Change file (authorized key) under /root/.ssh/

The filename on CentOS7 should be authorized_keys, without the "2"

4. Post installation

Install LDAP

https://confluence.dev.e2open.com/display/SCCIT/OS+LDAP+authentication

yum install -y adcli realmd samba-common-tools sssd sssd-common rpm -i http://devportal.ecvision.com/centos7/x86_64/ldap-client-config-1-3.el7.centos.x86_64.rpm

Install Wazuh

https://confluence.dev.e2open.com/display/SCCIT/Wazuh+Server+Implementation#WazuhServerImplementation-WazuhAgent(Manually;NotbyAnsible)

rpm --import http://packages.wazuh.com/key/GPG-KEY-WAZUH cat > /etc/yum.repos.d/wazuh.repo <<\EOF [wazuh_repo] gpgcheck=1 gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository baseurl=https://packages.wazuh.com/3.x/yum/ protect=1 EOF

WAZUH_MANAGER_IP="10.1.132.237" yum -y install wazuh-agent sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo

Install Cylance

5. Production Deployment

5.1 Disable Public access 5.2 Shutdown OLD wildfly 5.3 Stop Cron Jobs/Tasks 5.4 Unmount NFS/GFS 5.5 Rsync delta to new VM 5.6 Swap VM IP address 5.7 Migrate crontab settings 5.8 Double check folder owners (/opt/*, /home) 5.9 Change IP address on /etc/hosts 5.10 Check/Update all mount point settings(/etc/fstab) 5.11 Start new VM Wildfly 5.12 nohup /ITWorkspace/scripts/sync_csjob.sh & 5.13 Change ADC Settings

  • Add New Nodes
  • Clear ADC cache 5.14 Enable Public access

6. Verification

a. Test SFTP connection with account login b. Monitor if any wsimport wsdl from customers (Optional) c. Verification steps from PD/CIT team d. Login system Frontend and Backend by URL e. Check any IF Integration (Optional)

Subscribe to CurryTech

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe